openstack-keystone: OpenStack Keystone: Unauthorized access and privilege escalation via AWS signature validation flaw

A flaw was found in OpenStack Keystone. This vulnerability allows an attacker to obtain a valid OpenStack's Keystone token, leading to access to unauthorized resources or privilege escalation within the OpenStack instance via sending a valid AWS Amazon Web Services signature to the /v3/ec2tokens ...

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

Vulnerability Details fofa： title="BIG-IP" || i...

CVE-2020-5425 User Impersonation possible in Tanzu SSO

Single Sign-On for Vmware Tanzu all versions prior to 1.11.3 ,1.12.x versions prior to 1.12.4 and 1.13.x prior to 1.13.1 are vulnerable to user impersonation attack.If two users are logged in to the SSO operator dashboard at the same time, with the same username, from two different identity...

The vulnerability of the connected authentication module of the Linux operating system PAM, which allows a hacker to trigger a service failure.

The vulnerability of the connected authentication module in the PAM operating system of Astra Linux relates to the inability for domain users to obtain token tokens during authentication when they lose connection to the domain server. Exploiting this vulnerability could allow a malicious actor to...

Nextcloud Server Authorization Issues Vulnerability

Nextcloud is an open source self-hosted file synchronization and sharing communication application platform from Nextcloud Germany.Nextcloud Server is one of the server version. An authorization issue vulnerability exists in Nextcloud Server. An attacker could exploit the vulnerability to obtain ...

auth0-js Privilege Escalation Vulnerability

A cross-origin vulnerability has been discovered in the Auth0 auth0.js library affecting versions 8.12. This vulnerability allows an attacker to acquire authenticated users' tokens and invoke services on a user's behalf if the target site or application uses a popup callback page with...